What Facebook Needs to Remember

By Don Reisinger |
Posted 2010-05-24

10 Ways Facebook Can Improve Privacy and Security

Facebook
is in a world of danger. The world's largest social network has been facing
increased pressure from privacy advocates, legislators and its users over what
some see as an unacceptably weak level of privacy and security on the site.

Facebook CEO Mark Zuckerberg said
recently he understands what the critics are saying and plans to improve the
company's privacy settings to make them easier to use. The CEO
said in a recent e-mail exchange with well-known tech blogger Robert Scoble his
company has "made a bunch of mistakes," and he plans on correcting
them. But it won't be easy.

Users are growing increasingly concerned about the overall security of the
site and the privacy of their personal data. Although Facebook says it wants to
do everything it can to safeguard users, it also has to remember its business
model, which relies on the free exchange of personal information. That said,
something needs to be done.

For too long now, people have been criticizing Facebook for its seeming
willingness to share as much information as users will allow. All that needs to
stop now. Facebook has a responsibility to keep user data safe and private. And
it needs to remember that.

Here are 10 things that Facebook must do to increase user privacy and
security.

1. Listen to users

Facebook needs to spend more time listening to its users. Although the
company realizes that it can't always give in to users' demands, it also needs
to realize that the users need to be happy with the way things are going. That
can only happen if it starts listening to what the users want. They don't want
to have to deal with complicated privacy settings. They also don't want to have
to worry about security when talking to friends. If Facebook
started listening to its users more often, it would have a much easier time
running its business.

2. Ads aren't everything

Part of the reason Facebook is facing all this trouble today is its desire
to increase its bottom line through advertising. The company fully understands
that the more open profile information is, the easier it is to attract advertisers
that want to target a specific portion of its user base. Although that's
entirely understandable, it's also starting to come back and bite Facebook.
Advertising revenue can still be a key component in its revenue, but it can't
dedicate its operation to that. Facebook Credits could be even bigger for the
company and that feature doesn't inherently call Facebook's privacy and
security settings into question. Look beyond ads, Facebook. It's safer that
way.

3. Third-party partners can't always be trusted

Facebook has started sharing profile information with some of its
third-party partners. Several privacy advocates have railed against this policy,
saying that type of transfer of personal information isn't helping users in any
way. They make a solid point. If Facebook is truly dedicated to increasing the
privacy of its social network, it can't simply trust that the information it
shares with third parties will be handled responsibly. That's not to say that
third parties can never be trusted. But as consumers have learned time and
again, the more companies that have their hands on a user's information, the
worse it could potentially be for that user.

4. No users means no money

Facebook is in a dangerous position. The more the company alienates its user
base, the more uncertain its future becomes. It can't forget that Facebook
won't exist without users communicating with friends. Recently, a group was
formed that plans to "quit" Facebook by the end of May if things
don't get better on the site. So far, more than 10,000 folks have signed up.
Granted, that's not a huge number, considering Facebook has 400 million active
users. But it could be the start of something much bigger. Facebook should be
concerned about its future. And it needs to realize that making users happy
should be its first step.

What Facebook Needs to Remember

5. Make things easier for users

Currently, Facebook's privacy features are quite good. They allow users to
control almost every facet of their profiles, including who can see the content
they or others share with friends. But they're too difficult for the average,
novice Web user to find. And when they finally find those settings, there isn't
enough information to help users adequately determine what to do with each
setting. That could be a serious problem. Facebook
needs to work hard at making its privacy settings more available and much
easier to use. That will not only give its users more options, it will get
back the political capital Facebook has lost over these past several months.

6. Establish a quick-response security team

One of the first things Facebook should do is establish a quick-response
security team. Although the company currently has security teams in place, it
needs to come up with a top-notch team of professionals that are constantly
sniffing out issues across the social network, such as searching for phishing
scams and for malware that has found its way onto the site. If Facebook can
demonstrate to users that it's serious about security and has a quick-response
team in place to limit the impact of potential privacy breaches, it could
significantly improve its chances of regaining user trust.

7. Start educating users
This one won't be easy, but it's necessary. Facebook needs to do a better job
of educating people on the dangers of using social networks. It also needs to
help users understand how they can improve their own security and privacy.
Admittedly, it will be tough for Facebook to do that. But it needs to try.
Educating users is an extremely important step for a company that's trying
desperately to look like the good guy in the security and privacy battle. If it
can make the point that it's attempting to educate users to help them find problems
before they wreak havoc on their own computers, it might be able to keep from alienating
its core base.

8. Make privacy and security controls more business-friendly

Consumers might not care about how Facebook's
privacy and security controls affect corporations, but the enterprise
certainly does. Nowadays, more and more people are accessing social networking
sites from the office. Although they don't see the dangers of that, the IT
staff does. It's a constant struggle for IT professionals to stay ahead of
social network use. But if Facebook added security controls designed
specifically for IT administrators to use in their operations, that would
change everything. Not only would it make users who want to be able to access
social networks at work happy, it would make it easier for companies to
safeguard their networks if trouble erupts on the site.

9. Make security a community project

Facebook should tap into the knowledge of its international community to
improve the site's security. As Linux, Google and other open-source advocates
have shown throughout the years, relying on the intelligence of the community
is a smart strategy. Typically, folks across the globe can contribute more to a
solid security strategy than a handful of so-called experts sitting in a room
somewhere discussing how to improve a platform. By drawing on its users,
Facebook can not only improve its security, it can give the community a vested
interest in making the site more secure.

10. Always remember the responsibility

In recent months, Facebook might have lost its
way. It became too complacent, believing that its success would continue
indefinitely. It also figured that its users wouldn't care nearly as much about
privacy as they actually do. It was a mistake. Going forward, Facebook needs to
remember that it has a responsibility to keep its site secure. It also has a
responsibility to keep its users' privacy intact. If it can achieve both of
those goals, everything will be fine. But if it loses sight of those goals
again, more trouble will certainly await it.